Вредоносная компания копирует новостной портал для распространения инфостиллера - SEC-1275-1
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 32a289db-ee70-484d-bfec-dd4a461b2c9e |
| Fingerprint | ced46a65b34265d9 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 11, 2023, midnight |
| Added to db | Nov. 19, 2023, 9:30 p.m. |
| Last updated | Sept. 4, 2024, 9:30 p.m. |
| Headline | Вредоносная компания копирует новостной портал для распространения инфостиллера |
| Title | Вредоносная компания копирует новостной портал для распространения инфостиллера - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 4/1/32 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | windowsreport.com |
|
| Details | Domain | 4 | 11234jkhfkujhs.site |
|
| Details | Domain | 4 | 11234jkhfkujhs.top |
|
| Details | Domain | 6 | argenferia.com |
|
| Details | Domain | 6 | cilrix-corp.pro |
|
| Details | Domain | 6 | cilrix-corporate.online |
|
| Details | Domain | 6 | corporatecomf.online |
|
| Details | Domain | 6 | realvnc.pro |
|
| Details | Domain | 6 | thecoopmodel.com |
|
| Details | Domain | 6 | winscp-apps.online |
|
| Details | Domain | 6 | wireshark-app.online |
|
| Details | Domain | 10 | workspace-app.online |
|
| Details | Domain | 2 | ivcgroup.in |
|
| Details | Domain | 2 | kaotickontracting.info |
|
| Details | Domain | 2 | robo-claim.site |
|
| Details | File | 2 | realvnc-x64.msi |
|
| Details | File | 2 | citrix-x64.msi |
|
| Details | File | 1 | kaotickontracting.inf |
|
| Details | File | 2 | hdr.jpg |
|
| Details | File | 2 | team.tar |
|
| Details | File | 2 | cpu-z-x86.msi |
|
| Details | sha256 | 1 | 419e06194c01ca930ed5d7484222e6827fd24520e72bfe6892cfde95573ffa16 |
|
| Details | sha256 | 1 | 55d3ed51c3d8f56ab305a40936b446f761021abfc55e5cc8234c98a2c93e99e1 |
|
| Details | sha256 | 1 | 9acbf1a5cd040c6dcecbe4e8e65044b380b7432f46c5fbf2ecdc97549487ca88 |
|
| Details | sha256 | 1 | cf9589665615375d1ad22d3b84e97bb686616157f2092e2047adb1a7b378cc95 |
|
| Details | IPv4 | 2 | 81.177.136.179 |
|
| Details | IPv4 | 2 | 94.131.111.240 |
|
| Details | Url | 1 | http://argenferia.com/realvnc-x64.msix |
|
| Details | Url | 1 | http://ivcgroup.in/temp/citrix-x64.msix |
|
| Details | Url | 1 | http://kaotickontracting.info/account/hdr.jpg |
|
| Details | Url | 1 | http://robo-claim.site/order/team.tar.gpg |
|
| Details | Url | 1 | http://thecoopmodel.com/cpu-z-x86.msix |